[openssl.org #1014] prngd/egd interface hard loops eating CPU if descriptor closes
We had a report of sshd looping and eating CPU under some conditions
(reference below). The original report was on Solaris 8, we had other on
HP-UX 11.11 and I have reproduced it on HP-UX 11.00. It can probably
occur on any platform using egd or prngd for entropy.
The cause of the CPU utilization appears to be a bug in OpenSSL's
egd/prngd interface. It seems that when reading from prngd, the read
loop does not test for a return of zero indicating the descriptor has
closed, and will retry the read() ad infinitum if that happens. At this
time, I am not sure why/how the descriptor ends up closed, however I have
found a way to reproduce the problem at will.
Attached are 2 patches:
This is a nasty hack to prngd to provoke the error in RAND_bytes() and
friends. Apply it, start prngd and run something like "openssl rand -out
/dev/null 512" while watching "top" or similar. "openssl" will hang while
This is my attempt to fix the problem by testing for a zero return code
from read(). Tested OK on HP-UX 11.00.
The original bug report is here:
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
OpenSSL Project [url]http://www.openssl.org[/url]
Development Mailing List [email]firstname.lastname@example.org[/email]
Automated List Manager [email]email@example.com[/email]